Best firewall gateway version of Linux ?

[Alex Satrapa]

On Tuesday, January 15, 2002, at 11:03 , Rasjid Wilcox wrote:

> No-one really answered the 'some idea of the most common version' part 
> of
> your question.  However, I know that despite moves afoot from 
> Smoothwall to
> IPCop, a number of list members use Smoothwall.

I think the implicit answer to that question was "neither Smoothwall nor 
IPCop".  Most people use the "roll your own" version!

I have used SmoothWall GPL in the past, and what I found is that 
pre-packaged firewalls are great if you only want to do what the 
firewall was designed to let you do - ie: browse the web and read mail 
through web-mail sites, or using IMAP clients that connect to external 
servers.

SmoothWall GPL at the time did not let you do things like:
  - SSH into your network from outside
  - Set up a tunnel between your network and someone else's (or vice 
versa)

Then of course are the maintenance issues - the version of SmoothWall 
that I first used didn't use logrotate.  So the logs just grew and grew 
and grew until the hard drive filled up and my SmoothWall box silently 
failed to do anything.

To present you the "PPP log", SmoothWall would parse the entire syslog 
looking for "pppd" entries.  The sensible thing to do would have been to 
generate the ppp log as events happen.  In Debian for example, you get 
the convenient /var/log/ppp.log.  No need to parse anything, and you 
even get logrotate thrown in to the deal ;)

The only feature I liked about SmoothWall GPL was that it made it 
possible for my non-tech housemates to dial up to the internet by 
clicking a button on a web page.  Easy.  So I ripped out the scripts 
responsible and stuck them on a Debian box.

Alex